</td>
</tr>
</table>
<div class="rounded_box blue tab_menu_dropdown user_menu_dropdown shadowed">
<?php
if ($tbg_user->isGuest()) {
?>
<a href="javascript:void(0);" onclick="showFadedBackdrop('<?php
echo make_url('get_partial_for_backdrop', array('key' => 'login'));
?>
')"><?php
echo image_tag('icon_login.png') . __('Login');
?>
</a>
<?php
if (TBGSettings::isRegistrationAllowed()) {
?>
<a href="javascript:void(0);" onclick="showFadedBackdrop('<?php
echo make_url('get_partial_for_backdrop', array('key' => 'login', 'section' => 'register'));
?>
');"><?php
echo image_tag('icon_register.png') . __('Register');
?>
</a>
<?php
}
?>
<?php
} else {
?>
<div class="header"><?php
/**
* Returns the logged in user, or default user if not logged in
*
* @param TBGRequest $request
* @param TBGAction $action
*
* @return TBGUser
*/
public static function loginCheck(TBGRequest $request, TBGAction $action)
{
try {
$authentication_method = $action->getAuthenticationMethodForAction(TBGContext::getRouting()->getCurrentRouteAction());
$user = null;
$external = false;
switch ($authentication_method) {
case TBGAction::AUTHENTICATION_METHOD_ELEVATED:
case TBGAction::AUTHENTICATION_METHOD_CORE:
$username = $request['tbg3_username'];
$password = $request['tbg3_password'];
if ($authentication_method == TBGAction::AUTHENTICATION_METHOD_ELEVATED) {
$elevated_password = $request['tbg3_elevated_password'];
}
$raw = true;
// If no username and password specified, check if we have a session that exists already
if ($username === null && $password === null) {
if (TBGContext::getRequest()->hasCookie('tbg3_username') && TBGContext::getRequest()->hasCookie('tbg3_password')) {
$username = TBGContext::getRequest()->getCookie('tbg3_username');
$password = TBGContext::getRequest()->getCookie('tbg3_password');
$user = TBGUsersTable::getTable()->getByUsername($username);
if ($authentication_method == TBGAction::AUTHENTICATION_METHOD_ELEVATED) {
$elevated_password = TBGContext::getRequest()->getCookie('tbg3_elevated_password');
if ($user instanceof TBGUser && !$user->hasPasswordHash($password)) {
$user = null;
} else {
if ($user instanceof TBGUser && !$user->hasPasswordHash($elevated_password)) {
TBGContext::setUser($user);
TBGContext::getRouting()->setCurrentRouteName('elevated_login_page');
throw new TBGElevatedLoginException('reenter');
}
}
} else {
if ($user instanceof TBGUser && !$user->hasPasswordHash($password)) {
$user = null;
}
}
$raw = false;
if (!$user instanceof TBGUser) {
TBGContext::logout();
throw new Exception('No such login');
}
}
}
// If we have authentication details, validate them
if (TBGSettings::isUsingExternalAuthenticationBackend() && $username !== null && $password !== null) {
$external = true;
TBGLogging::log('Authenticating with backend: ' . TBGSettings::getAuthenticationBackend(), 'auth', TBGLogging::LEVEL_INFO);
try {
$mod = TBGContext::getModule(TBGSettings::getAuthenticationBackend());
if ($mod->getType() !== TBGModule::MODULE_AUTH) {
TBGLogging::log('Auth module is not the right type', 'auth', TBGLogging::LEVEL_FATAL);
}
if (TBGContext::getRequest()->hasCookie('tbg3_username') && TBGContext::getRequest()->hasCookie('tbg3_password')) {
$user = $mod->verifyLogin($username, $password);
} else {
$user = $mod->doLogin($username, $password);
}
if (!$user instanceof TBGUser) {
// Invalid
TBGContext::logout();
throw new Exception('No such login');
//TBGContext::getResponse()->headerRedirect(TBGContext::getRouting()->generate('login'));
}
} catch (Exception $e) {
throw $e;
}
} elseif (TBGSettings::isUsingExternalAuthenticationBackend()) {
$external = true;
TBGLogging::log('Authenticating without credentials with backend: ' . TBGSettings::getAuthenticationBackend(), 'auth', TBGLogging::LEVEL_INFO);
try {
$mod = TBGContext::getModule(TBGSettings::getAuthenticationBackend());
if ($mod->getType() !== TBGModule::MODULE_AUTH) {
TBGLogging::log('Auth module is not the right type', 'auth', TBGLogging::LEVEL_FATAL);
}
$user = $mod->doAutoLogin();
if ($user == false) {
// Invalid
TBGContext::logout();
throw new Exception('No such login');
//TBGContext::getResponse()->headerRedirect(TBGContext::getRouting()->generate('login'));
}
} catch (Exception $e) {
throw $e;
}
} elseif ($username !== null && $password !== null && !$user instanceof TBGUser) {
$external = false;
TBGLogging::log('Using internal authentication', 'auth', TBGLogging::LEVEL_INFO);
$user = TBGUsersTable::getTable()->getByUsername($username);
if (!$user->hasPassword($password)) {
$user = null;
}
if (!$user instanceof TBGUser) {
TBGContext::logout();
}
}
break;
case TBGAction::AUTHENTICATION_METHOD_DUMMY:
$user = TBGUsersTable::getTable()->getByUserID(TBGSettings::getDefaultUserID());
break;
case TBGAction::AUTHENTICATION_METHOD_CLI:
$user = TBGUsersTable::getTable()->getByUsername(TBGContext::getCurrentCLIusername());
break;
case TBGAction::AUTHENTICATION_METHOD_RSS_KEY:
$user = TBGUsersTable::getTable()->getByRssKey($request['rsskey']);
break;
case TBGAction::AUTHENTICATION_METHOD_APPLICATION_PASSWORD:
$user = TBGUsersTable::getTable()->getByUsername($request['api_username']);
if (!$user->authenticateApplicationPassword($request['api_token'])) {
$user = null;
}
break;
default:
if (!TBGSettings::isLoginRequired()) {
$user = TBGUsersTable::getTable()->getByUserID(TBGSettings::getDefaultUserID());
}
}
if ($user instanceof TBGUser) {
if (!$user->isActivated()) {
throw new Exception('This account has not been activated yet');
} elseif (!$user->isEnabled()) {
throw new Exception('This account has been suspended');
} elseif (!$user->isConfirmedMemberOfScope(TBGContext::getScope())) {
if (!TBGSettings::isRegistrationAllowed()) {
throw new Exception('This account does not have access to this scope');
}
}
if ($external == false && $authentication_method == TBGAction::AUTHENTICATION_METHOD_CORE) {
$password = $user->getHashPassword();
if (!$request->hasCookie('tbg3_username')) {
if ($request->getParameter('tbg3_rememberme')) {
TBGContext::getResponse()->setCookie('tbg3_username', $user->getUsername());
TBGContext::getResponse()->setCookie('tbg3_password', $user->getPassword());
} else {
TBGContext::getResponse()->setSessionCookie('tbg3_username', $user->getUsername());
TBGContext::getResponse()->setSessionCookie('tbg3_password', $user->getPassword());
}
}
}
} elseif (TBGSettings::isLoginRequired()) {
throw new Exception('Login required');
} else {
throw new Exception('No such login');
}
} catch (Exception $e) {
throw $e;
}
return $user;
}
